CVE-2024-37144

Name of the Vulnerable Software and Affected Versions Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00 Dell PowerFlex rack versions prior to RCM 3.8.1.0 and prior to RCM 3.7.6.0 Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0 Dell InsightIQ versions prior to 5.1.1 Dell Data Lakehouse versions prior to 1.2.0.0

Description The issue is related to insecure storage of sensitive information. A high privileged attacker with local access could potentially exploit this, leading to information disclosure. The attacker may use disclosed information to gain unauthorized access to pods within the cluster.

Recommendations For Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, update to a version that includes the fix for this issue. For Dell PowerFlex rack versions prior to RCM 3.8.1.0 and prior to RCM 3.7.6.0, update to a version that includes the fix for this issue. For Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, update to version 4.6.1.0 or later. For Dell InsightIQ versions prior to 5.1.1, update to version 5.1.1 or later. For Dell Data Lakehouse versions prior to 1.2.0.0, update to version 1.2.0.0 or later.